VPLS Topology-Single PE or Direct Attachment

The single PE or direct attachment architecture uses a flat architecture and supports Ethernet port, 802.1Q VLAN, and dot1q tunnel modes. The CEs are directly connected to the PE routers, and this architecture involves the creation of a separate VSI for each customer. Customer traffic originating from the CE in native Ethernet or VLAN tagged frames are MPLS encapsulated with an AToM stack. Direct attachment VPLS also uses a full mesh of directed LDP and tunnel LSPs between all the PE routers. Although this creates signaling overhead, the real detriment to large-scale deployment is the packet replication requirements for each provisioned VC on a PE router. Due to scalability constraints, this solution is suitable only for simple implementations. Figure 12-6 shows a direct attachment VPLS architecture providing VPLS services to Customers A and B.

Figure 12-6. Direct Attachment VPLS Network

Customer A's network has CE routers CE1-A, CE2-A, and CE3-A connected to PEs PE1, PE2, and PE3, respectively. Links to CE1-A, CE2-A, and CE3-A are configured as switch access ports on PE1, PE2, and PE3. Customer B's CE devices, CE1-B, CE2-B, and CE3-B, are configured as 802.1Q trunk ports to PE1, PE2, and PE3, respectively. Figure 12-7 shows the data forwarding that takes place in a direct attachment VPLS architecture using port and 802.1Q modes.

Figure 12-7. VPLS Data Forwarding in Port and 802.1Q Mode

 

Configuration Flowchart for Direct Attachment VPLS

To achieve a functional VPLS network, there are two important steps. The first step is to ensure that the SP's network comprising PE1, PE2, and PE3 is enabled for MPLS forwarding. Example 12-1 shows the provider network configurations for PE1, PE2, and PE3. Throughout this chapter, you will use these as provider network configurations.

Example 12-1. Provider Network Configuration for MPLS Forwarding

!PE1

hostname PE1

!

mpls label protocol ldp

mpls ldp discovery targeted-hello accept

mpls ldp router-id Loopback0 force

!

interface Loopback0

 ip address 10.10.10.101 255.255.255.255

!

interface GE-WAN3/1

description connected to PE2

 ip address 10.10.10.1 255.255.255.252

 negotiation auto

 mpls ip

 mls qos trust dscp

!

interface GE-WAN3/2

description connected to PE3

 ip address 10.10.10.5 255.255.255.252

 negotiation auto

 mpls ip

 mls qos trust dscp

!

router ospf 1

 network 10.0.0.0 0.255.255.255 area 0

______________________________________________________________________

!PE2

hostname PE2

!

mpls label protocol ldp

mpls ldp discovery targeted-hello accept

mpls ldp router-id Loopback0 force

!

interface Loopback0

 ip address 10.10.10.102 255.255.255.255

!

interface GE-WAN3/1

description connected to PE1

 ip address 10.10.10.2 255.255.255.252

 negotiation auto

 mpls ip

 mls qos trust dscp

!

interface GE-WAN3/2

description connected to PE3

 ip address 10.10.10.9 255.255.255.252

 negotiation auto

 mpls ip

 mls qos trust dscp

!

router ospf 1

 network 10.0.0.0 0.255.255.255 area 0

______________________________________________________________________

!PE3

hostname PE3

!

mpls label protocol ldp

mpls ldp router-id Loopback0

!

interface Loopback0

 ip address 10.10.10.103 255.255.255.255

!

interface GE-WAN3/1

description connected to PE2

 ip address 10.10.10.10 255.255.255.252

 negotiation auto

 mpls ip

 mls qos trust dscp

!

interface GE-WAN3/2

description connected to PE1

 ip address 10.10.10.6 255.255.255.252

 negotiation auto

 mpls ip

 mls qos trust dscp

!

router ospf 1

 network 10.0.0.0 0.255.255.255 area 0

The second step is to configure the VPLS service, and Figure 12-8 illustrates the configuration flowchart on the PE router to provision Ethernet port mode, Ethernet 802.1Q VLAN, and Ethernet dot1Q tunnel mode.

Figure 12-8. VPLS Service Configuration Flowchart on PE Router

 

Direct Attachment VPLS Configuration Scenario 1 – Using Port and 802.1Q VLAN Modes

The objective of this configuration scenario is to demonstrate VPLS network using port and 802.1Q VLAN mode. As shown in Figure 12-7, Customer A VPLS network uses port mode and Customer B VPLS network uses 802.1Q VLAN mode.

Table 12-1 shows the MAC address associated with CE routers.

Table 12-1. MAC Address for CE Routers

Router

MAC Address

Customer A

CE1-A

0012.d9bd.b600

CE2-A

0012.8034.6980

CE3-A

0012.d9e7.ace0

Customer B

CE1-B

0012.80f3.2ce0

CE2-B

0012.d9e7.b520

CE3-B

0012.d9bd.b640

The steps to configure the topology shown in Figure 12-6 are as follows:

Step 1.

Configure the interface connected to CE device – In this step, you configure the interfaces on the PE router connected to the CE routers for Customer A as an access port (untagged)and Customer B as an 802.1Q trunk port (tagged). See Example 12-2.
 

Example 12-2. Configure the Two Interfaces Connected to CE Device

PE1(config)#vlan 100

PE1(config-vlan)#state active

PE1(config-vlan)#vlan 200

PE1(config-vlan)#state active

PE1(config)#interface fastEthernet 4/1

PE1(config-if)#description VPLS Customer A (CE1-A)

PE1(config-if)#switchport

PE1(config-if)#switchport access vlan 100

PE1(config-if)#switchport mode access

PE1(config-if)#interface FastEthernet4/2

PE1(config-if)#description VPLS Customer B (CE1-B)

PE1(config-if)#switchport

PE1(config-if)#switchport trunk encapsulation dot1q

PE1(config-if)#switchport trunk allowed vlan 200

PE1(config-if)#switchport mode trunk
 

Step 2.

Define the VFI and bind it to the interface connected to the CE – In this step, the VFI is configured. After defining the VFI, it is associated to one or more attachment circuits (interfaces, subinterfaces, or virtual circuits). The VFI specifies the VPN ID of a VPLS domain, the addresses of other PE routers in this domain, and the type of tunnel signaling and encapsulation (currently only MPLS is supported) mechanism for each peer.
 

An MPLS VPN ID is used to identify VPNs by a VPN identification number, as described in RFC 2685. This MPLS VPN ID is implemented to identify a VPN. The MPLS VPN ID feature does not control the distribution of routing information or associate IP addresses with MPLS VPN ID numbers in routing updates. Multiple VPNs can be configured in a router. You can use a VPN name (a unique ASCII string) to reference a specific VPN configured in the router. Alternately, you can use a VPN ID to identify a particular VPN in the router. The VPN ID follows a standard specification (RFC 2685). To ensure that the VPN has a consistent VPN ID, assign the same VPN ID to all the routers in the SP network that services that VPN. Each VPN ID defined by RFC 2685 consists of the following two elements:

  • Organizational unique identifier (OUI) – A three-octet hex number that is assigned by the IEEE Registration Authority to any company that manufactures components under the ISO/IEC 8802 standard. The OUI generates universal LAN MAC addresses and protocol identifiers for use in LAN and MAN applications. For example, an OUI for Cisco Systems is 00-03-6B (hex).
  • VPN index – A four-octet hexadecimal number, which identifies the VPN within the company. Use the vpn id command and specify the VPN ID in the following format:

    vpn id oui:vpn-index

    A colon separates the OUI from the VPN index.

Example 12-3 shows the steps to configure VFI and associate it to the attachment circuit.

Example 12-3. Step 3: Define the VFI and Associate It to the Attachment Circuit

PE1(config)#l2 vfi Cust_A manual

PE1(config-vfi)# vpn id 100

PE1(config-vfi)# neighbor 10.10.10.102 encapsulation mpls

PE1(config-vfi)# neighbor 10.10.10.103 encapsulation mpls

PE1(config-vfi)#l2 vfi Cust_B manual

PE1(config-vfi)#vpn id 200

PE1(config-vfi)#neighbor 10.10.10.102 encapsulation mpls

PE1(config-vfi)#neighbor 10.10.10.103 encapsulation mpls

PE1(config)#interface vlan 100

PE1(config-if)#xconnect vfi Cust_A

PE1(config-if)#interface vlan 200

PE1(config-if)#xconnect vfi Cust_B

 

Verification of VPLS Connectivity

To verify VPLS connectivity, follow these steps:

Step 1.

Ensure that directed LDP session is operational – Example 12-4 shows the output of the show mpls l2transport vc command. The output indicates the pseudo wire is functional for transporting Layer 2 packets across the MPLS backbone.
 

Example 12-4. Output of show mpls l2transport vc on PE1

PE1#show mpls l2transport vc

Local intf Local circuit Dest address VC ID Status

------------- -------------------- --------------- ---------- ----------

VFI Cust_A VFI 10.10.10.102 100 UP

VFI Cust_B VFI 10.10.10.102 200 UP

VFI Cust_A VFI 10.10.10.103 100 UP

VFI Cust_B VFI 10.10.10.103 200 UP
 

Step 2.

Verify MPLS and VC label – Example 12-5 shows the output of show mpls l2transport vc vc-number detail where the VC ID is 100, and the directed LDP peer is 10.10.10.102 and 10.10.10.103. The VC label on PE1 for the outgoing interface on PE2 connected to CE2-A is 21, and it allocates VC Label 21 for the interface connected to CE1-A. With the directed LDP peer 10.10.10.103, the VC label on PE1 for the outgoing interface on PE2 connected to CE3-A is 17, and it allocates VC Label 22 for the interface connected to CE1-A.
 

Example 12-5. show mpls l2transport vc on PE1

PE1#show mpls l2transport vc 100 detail

Local interface: VFI Cust_A up

 Destination address: 10.10.10.102, VC ID: 100, VC status: up

 Tunnel label: imp-null, next hop 10.10.10.2

 Output interface: GE3/1, imposed label stack {21}

 Create time: 10:13:08, last status change time: 10:06:25

 Signaling protocol: LDP, peer 10.10.10.102:0 up

 MPLS VC labels: local 21, remote 21

 Group ID: local 0, remote 0

 MTU: local 1500, remote 1500

 Remote interface description:

 Sequencing: receive disabled, send disabled

 VC statistics:

 packet totals: receive 973, send 971

 byte totals: receive 77383, send 77244

 packet drops: receive 0, send 0



 Local interface: VFI Cust_A up

 Destination address: 10.10.10.103, VC ID: 100, VC status: up

 Tunnel label: imp-null, next hop 10.10.10.6

 Output interface: GE3/2, imposed label stack {17}

 Create time: 10:13:09, last status change time: 10:06:45

 Signaling protocol: LDP, peer 10.10.10.103:0 up

 MPLS VC labels: local 22, remote 17

 Group ID: local 0, remote 0

 MTU: local 1500, remote 1500

 Remote interface description:

 Sequencing: receive disabled, send disabled

 VC statistics:

 packet totals: receive 90, send 977

 byte totals: receive 8560, send 77712

 packet drops: receive 0, send 0
 

In Example 12-6, show mpls l2transport summary shows the total number of the VCs that are active.

Example 12-6. Output of show mpls l2 summary on PE3

PE1#show mpls l2transport summary

Destination address: 10.10.10.102, total number of vc: 2

 0 unknown, 2 up, 0 down, 0 admin down

 2 active vc on MPLS interface GE3/1

Destination address: 10.10.10.103, total number of vc: 2

 0 unknown, 2 up, 0 down, 0 admin down

 2 active vc on MPLS interface GE3/2

In Example 12-7, show vfi shows the remote PE neighbors to which the pseudo wires are configured. The command will show the neighbors even if the pseudo wire is down.

Example 12-7. Output of show vfi on PE1

PE1#show vfi Cust_A

VFI name: Cust_A, state: up

 Local attachment circuits:

 Vlan100

 Neighbors connected via pseudowires: 10.10.10.102 10.10.10.103

Example 12-8 shows the MAC addresses learned by PE Router PE1.

Example 12-8. Output of show mac-address-table vlan on PE1

PE1#show mac-address-table vlan 100

Legend: * - primary entry



 vlan mac address type learn ports

------+----------------+--------+-----+--------------------------

* 100 0012.d9e7.ace0 dynamic Yes

* 100 0012.8034.6980 dynamic Yes

* 100 0012.d9bd.b600 dynamic Yes Fa4/1



PE1#show mac-address-table vlan 200

Legend: * - primary entry



 vlan mac address type learn ports

------+----------------+--------+-----+--------------------------

* 200 0012.d9e7.b520 dynamic Yes

* 200 0012.80f3.2ce0 dynamic Yes Fa4/2

* 200 0012.d9bd.b640 dynamic Yes

 

VPLS Configurations on PE Router

Example 12-9 shows the relevant VPLS configurations on PE Routers PE1, PE2, and PE3.

Example 12-9. VPLS Configurations on PE1, PE2, and PE3

!PE1

hostname PE1

!

l2 vfi Cust_A manual

 vpn id 100

 neighbor 10.10.10.102 encapsulation mpls

 neighbor 10.10.10.103 encapsulation mpls

!

l2 vfi Cust_B manual

 vpn id 200

 neighbor 10.10.10.102 encapsulation mpls

 neighbor 10.10.10.103 encapsulation mpls

!

interface FastEthernet4/1

 description VPLS Customer A - CE1-A

 no ip address

 switchport

 switchport access vlan 100

 switchport mode access

!

interface FastEthernet4/2

 description VPLS Customer B

 no ip address

 switchport

 switchport trunk encapsulation dot1q

 switchport trunk allowed vlan 200

 switchport mode trunk

!

interface Vlan100

 no ip address

 xconnect vfi Cust_A

!

interface Vlan200

 no ip address

 xconnect vfi Cust_B

______________________________________________________________________

!PE2

hostname PE2

!

l2 vfi Cust_A manual

 vpn id 100

 neighbor 10.10.10.101 encapsulation mpls

 neighbor 10.10.10.103 encapsulation mpls

!

l2 vfi Cust_B manual

 vpn id 200

 neighbor 10.10.10.101 encapsulation mpls

 neighbor 10.10.10.103 encapsulation mpls

!

interface FastEthernet4/1

 description VPLS Customer A

 no ip address

 switchport

 switchport access vlan 100

 switchport mode access

!

interface FastEthernet4/2

 description VPLS Customer B

 no ip address

 switchport

 switchport trunk encapsulation dot1q

 switchport trunk allowed vlan 200

 switchport mode trunk

!

interface Vlan100

 no ip address

 xconnect vfi Cust_A

!

interface Vlan200

 no ip address

 xconnect vfi Cust_B

______________________________________________________________________

!PE3

hostname PE3

!

l2 vfi Cust_A manual

 vpn id 100

 neighbor 10.10.10.101 encapsulation mpls

 neighbor 10.10.10.102 encapsulation mpls

!

l2 vfi Cust_B manual

 vpn id 200

 neighbor 10.10.10.101 encapsulation mpls

 neighbor 10.10.10.102 encapsulation mpls

!

interface FastEthernet2/1

 description VPLS Customer A

 no ip address

 switchport

 switchport access vlan 100

 switchport mode access

!

interface FastEthernet2/2

 description VPLS Customer B

 no ip address

 switchport

 switchport trunk encapsulation dot1q

 switchport trunk allowed vlan 200

 switchport mode trunk

!

interface Vlan100

 no ip address

 xconnect vfi Cust_A

!

interface Vlan200

 no ip address

 xconnect vfi Cust_B

 

CE Router Configurations for Customer A and Customer B

Example 12-10 shows the configurations for Customer A's and Customer B's CE devices.

Example 12-10. CE Router Configurations

!CE1-A

hostname CE1-A

!

interface FastEthernet0/0

ip address 172.16.1.1 255.255.255.0

______________________________________________________________________

!CE1-B

hostname CE1-B

!

interface FastEthernet0/0.200

 encapsulation dot1Q 200

 ip address 192.168.1.1 255.255.255.0

______________________________________________________________________

!CE2-A

hostname CE2-A

!

interface FastEthernet0/0

ip address 172.16.1.2 255.255.255.0

______________________________________________________________________

!CE2-B

hostname CE2-B

!

interface FastEthernet0/0.200

 encapsulation dot1Q 200

 ip address 192.168.1.2 255.255.255.0

______________________________________________________________________

!CE3-A

hostname CE3-A

!

interface FastEthernet0/0

ip address 172.16.1.3 255.255.255.0

______________________________________________________________________

!CE3-B

hostname CE3-B

!

interface FastEthernet0/0.200

 encapsulation dot1Q 200

 ip address 192.168.1.3 255.255.255.0

 

Direct Attachment VPLS Configuration Scenario 2 – Using Dot1q Tunnel Mode and Layer 2 Protocol Tunneling

Figure 12-9 shows a direct attachment VPLS network that is providing VPLS service to Customer A and B networks. The objective of this configuration scenario is to demonstrate dot1q tunnel mode configuration and the usage of Layer 2 tunnel protocol for CDP in Customer A's VPLS network. Customer B's VPLS network has Site 2 dual-homed to the SP network via user PE (u-PE23). Customer B network is used primarily to demonstrate how STP is tunneled and to prevent Layer 2 loops when a site has redundant links to the provider network. Figure 12-9 shows the VPLS topology used to demonstrate

  • Layer 2 tunnel protocol for CDP and STP
  • VPLS redundancy

Figure 12-9. Direct Attachment VPLS Using Dot1q Tunnel Mode and Layer 2 Protocol Tunneling

Prior to configuring this scenario, you will be introduced to the following basic concepts:

  • Cisco 802.1Q tunneling (also called Cisco 802.1Q-in-Q) – 802.1Q tunneling enables SPs to use a single VLAN to securely transport most or all of a customer's VLANs across the MAN or WAN backbone. In 802.1Q tunneling, IOS adds an additional 802.1Q tag to customer traffic in the switch at the edge of the SP's network to keep each customer's VLAN traffic segregated and private. The tag, therefore, allows customer VLANs to be backhauled across a single SP VLAN through the use of a tunnel port that is assigned to each customer site. All of a single customer's VLANs that are configured in the tunnel port on the SP's WAN edge switch are aggregated and backhauled over a single VLAN.

    Service providers, therefore, do not have to assign a unique VLAN ID number to each individual customer VLAN, which quickly consumes the 4094 VLAN space supported by Ethernet's 802.1Q technology. In this way, encapsulating multiple customer 802.1Q VLANs into a single SP 802.1Q VLAN affords SPs a scalable approach to offering Ethernet services.

  • Dot1q tunnel mode – In the VPLS network when using the dot1q tunnel mode, the 802.1Q tag is not used because the provider's MPLS network is used as a transit network in which the tunnel label is used to transport data packets from ingress PE to egress PE. Therefore, the tunnel label replaces the 802.1Q tag when the Layer 2 switch interface is configured to use the dot1q tunnel mode. Example 12-11 shows the configuration to enable dot1q tunnel mode on a switch port interface.

    Example 12-11. Dot1q Tunnel Mode Configuration

    Router(config-if)#switchport mode dot1q-tunnel
  • Layer 2 protocol tunneling – In VPLS networks, Layer 2 switch ports by default drop STP and VTP packets. To avoid this, Layer 2 protocol tunneling allows Layer 2 protocol data units (PDUs), like CDP, STP, and VTP, to be tunneled through a network. As shown in Figure 12-9, if Layer 2 protocol tunneling is not enabled, CE1-A will not see CE2-A and CE3-A as CDP neighbors. Example 12-12 shows the configuration to enable Layer 2 protocol tunneling for CDP on switch port interfaces.

    Example 12-12. Configuring Layer 2 Protocol Tunneling

    Router(config-if)#l2protocol-tunnel cdp

The steps to configure the topology shown in Figure 12-9 are as follows:

Step 1.

Configure the switch port interface connected to CE device – In this step, you configure the interfaces on the PE router connected to the CE routers for Customer A in dotq tunnel mode (untagged). Also, enable the interface for Layer 2 protocol tunneling. Example 12-13 shows the configuration on PE1 for interface 4/1 connected to CE1-A. Similarly, enable dot1q tunnel mode and Layer 2 protocol tunneling for CDP on 4/1 and 2/1 on PE2 and PE3, respectively.
 

Example 12-13. Configure the Layer 2 Interface Connected to CE Device

PE1(config)#interface fastEthernet 4/1

PE1(config-if)#description VPLS Customer A (CE1-A)

PE1(config-if)#switchport

PE1(config-if)# switchport access vlan 100

PE1(config-if)#switchport mode dot1q-tunnel

PE1(config-if)#l2protocol-tunnel cdp

______________________________________________________________________

PE2(config)#vlan 20

PE2(config-vlan)#state active

PE2(config-vlan)#no spanning-tree vlan 20,200

PE2(config)#interface FastEthernet4/12

PE2(config-if)# switchport

PE2(config-if)# switchport trunk encapsulation dot1q

PE2(config-if)# switchport trunk native vlan 20

PE2(config-if)# switchport trunk allowed vlan 20,200

______________________________________________________________________

PE3(config)#vlan 20

PE3(config-vlan)#state active

PE3(config-vlan)#no spanning-tree vlan 20,200

PE3(config)#interface FastEthernet2/12

PE3(config-if)# switchport

PE3(config-if)# switchport trunk encapsulation dot1q

PE3(config-if)# switchport trunk native vlan 20

PE3(config-if)# switchport trunk allowed vlan 20,200

For Customer B, the configurations for switch interface 4/2 on PE1 and PE2 are the same as shown in the earlier section. However, CE2B is connected to u-PE23, and u-PE23 is dual-homed to the provider network at PE2 (4/12) and PE3 (2/12). The configuration on u-PE23 is shown in Example 12-14.
 

Example 12-14. Configuration of u-PE23

u-PE23(config)#spanning-tree mode mst

u-PE23(config)#spanning-tree mst configuration

u-PE23(config-mst)# name instance1

u-PE23(config-mst)# revision 1

u-PE23(config-mst)# instance 1 vlan 200

u-PE23(config)#interface FastEthernet0/11

u-PE23(config-if)# description connected to n-PE3

u-PE23(config-if)# switchport trunk encapsulation dot1q

u-PE23(config-if)# switchport trunk native vlan 20

u-PE23(config-if)# switchport trunk allowed vlan 20,200

u-PE23(config-if)# switchport mode trunk

u-PE23(config-if)#interface FastEthernet0/12

u-PE23(config-if)# description connected to n-PE2

u-PE23(config-if)# switchport trunk encapsulation dot1q

u-PE23(config-if)# switchport trunk native vlan 20

u-PE23(config-if)# switchport trunk allowed vlan 20,200

u-PE23(config-if)# switchport mode trunk

u-PE23(config-if)#interface FastEthernet0/2

u-PE23(config-if)# description connected to CE2-B

u-PE23(config-if)# switchport trunk encapsulation dot1q

u-PE23(config-if)# switchport trunk allowed vlan 200

u-PE23(config-if)# switchport mode trunk
 

Step 2.

Define the VFI and bind it to the interface connected to the CE – For Customer A and Customer B, the VFI configuration step is similar to section "Direct Attachment VPLS Configuration Scenario 1 – Using Port and 802.1Q VLAN Modes." Because the u-PE23 router multihomes with PE2 and PE3, spanning tree needs to be configured on the u-PE23 for pseudo wires that exist between the u-PE23 and PE2 and u-PE23 and PE3 routers, respectively. It is optional to configure spanning tree on PE Routers PE2 and PE3. In this case, PE2 and PE3 routers do not process BPDUs and only forward or relay them. Assuming spanning tree is configured on PE2 and PE3, they exchange and process BPDUs with each other and with u-PE23. To make PE2 and PE3 relay BPDUs an additional VFI, STP is configured to relay the BPDUs for MST instance configured on u-PE23. Example 12-15 shows the steps to configure VFI and associate it to the attachment circuit (in this case, native VLAN 20).
 

Example 12-15. Define the VFI and Associate It to the Attachment Circuit

PE2(config)#l2 vfi STP manual

PE2(config-vfi)# vpn id 20

PE2(config-vfi)# neighbor 10.10.10.103 encapsulation mpls

PE2(config)#interface vlan 20

PE2(config-if)#xconnect vfi STP

______________________________________________________________________

PE3(config)#l2 vfi STP manual

PE3(config-vfi)#vpn id 20

PE3(config-vfi)#neighbor 10.10.10.102 encapsulation mpls

PE3(config)#interface vlan 20

PE3(config-if)#xconnect vfi STP
 

Verify Layer 2 Protocol Tunneling for CDP and MSTP

To verify Layer 2 protocol tunneling for CDP and MSTP, follow these steps:

Step 1.

Verify Layer 2 protocol tunneling – Example 12-16 provides the status of Layer 2 protocol tunneling on PE Routers PE2 and PE3. It also shows that Layer 2 protocols, CDP and STP, are being tunneled.
 

Example 12-16. Verify Layer 2 Protocol Tunneling

PE2#show l2protocol-tunnel summary

COS for Encapsulated Packets: 5

Drop Threshold for Encapsulated Packets: 0



Port Protocol Shutdown Drop Status

 Threshold Threshold

 (cdp/stp/vtp) (cdp/stp/vtp)

------- ----------- ---------------- ---------------- ----------

Fa4/1 cdp --- --- ----/----/---- ----/----/---- up

Fa4/12 --- stp --- ----/----/---- ----/----/---- up

______________________________________________________________________

PE3#show l2protocol-tunnel summary

COS for Encapsulated Packets: 5

Drop Threshold for Encapsulated Packets: 0



Port Protocol Shutdown Drop Status

 Threshold Threshold

 (cdp/stp/vtp) (cdp/stp/vtp)

------- ----------- ---------------- ---------------- ----------

Fa2/1 cdp --- --- ----/----/---- ----/----/---- up

Fa2/12 --- stp --- ----/----/---- ----/----/---- up
 

Step 2.

Layer 2 protocol tunneling (CDP) – Example 12-17 shows the output of the show cdp neighbors command in which CE1-A sees CE2-A and CE3-A as CDP neighbors, and CE2-A sees CE1-A and CE3-A as CDP neighbors.
 

Example 12-17. show cdp neighbor on CE1-A and CE2-A

CE1-A#show cdp neighbors

Capability Codes: R - Router, T - Trans Bridge, B - Source Route Bridge

 S - Switch, H - Host, I - IGMP, r - Repeater

Device ID Local Intrfce Holdtme Capability Platform Port ID

CE2-A Fas 0/0 132 R S 2611XM Fas 0/0

CE3-A Fas 0/0 170 R S 2621XM Fas 0/0

______________________________________________________________________

CE2-A#show cdp neighbors

Capability Codes: R - Router, T - Trans Bridge, B - Source Route Bridge

 S - Switch, H - Host, I - IGMP, r - Repeater

Device ID Local Intrfce Holdtme Capability Platform Port ID

CE3-A Fas 0/0 130 R S 2621XM Fas 0/0

CE1-A Fas 0/0 158 R S 2621XM Fas 0/0
 

Step 3.

Verify spanning tree – Example 12-18 shows that fas0/11 on u-PE23 is in forwarding state, and fas0/12 is in blocking state. This shows that STP is being tunneled through and that the forwarding loop no longer exists.
 

Example 12-18. show spanning-tree mst on u-PE23

u-PE23#show spanning-tree mst 1

###### MST01 vlans mapped: 200

Bridge address 000b.fd2a.6b00 priority 32769 (32768 sysid 1)

Root this switch for MST01



Interface Role Sts Cost Prio.Nbr Type

---------------- ---- --- --------- -------- --------------------------------

Fa0/2 Desg FWD 200000 128.2 P2p

Fa0/11 Desg FWD 200000 128.11 P2p

Fa0/12 Back BLK 200000 128.12 P2p
 

PE Configurations

Example 12-19 shows the configurations on the PE router.

Example 12-19. Configurations on PE Routers, PE1, PE2, PE3, and u-PE23

!PE1

hostname PE1

!

l2 vfi Cust_A manual

 vpn id 100

 neighbor 10.10.10.102 encapsulation mpls

 neighbor 10.10.10.103 encapsulation mpls

!

l2 vfi Cust_B manual

 vpn id 200

 neighbor 10.10.10.102 encapsulation mpls

 neighbor 10.10.10.103 encapsulation mpls

!

vlan internal allocation policy ascending

vlan dot1q tag native

!

!

interface Loopback0

 ip address 10.10.10.101 255.255.255.255

!

interface FastEthernet4/1

 description VPLS Customer A (CE1-A)

 no ip address

 switchport

 switchport access vlan 100

 switchport mode dot1q-tunnel

 l2protocol-tunnel cdp

 no cdp enable

 spanning-tree bpdufilter enable

!

interface FastEthernet4/2

 description VPLS Customer B (CE1-B)

 no ip address

 switchport

 switchport trunk encapsulation dot1q

 switchport trunk allowed vlan 200

 switchport mode trunk

!

interface Vlan20

 no ip address

xconnect vfi STP



interface Vlan100

 no ip address

xconnect vfi Cust_A

!

interface Vlan200

 no ip address

 no ip igmp snooping

 xconnect vfi Cust_B

______________________________________________________________________

!PE2

hostname PE2

!

l2 vfi Cust_A manual

 vpn id 100

 neighbor 10.10.10.101 encapsulation mpls

 neighbor 10.10.10.103 encapsulation mpls

!

l2 vfi Cust_B manual

 vpn id 200

 neighbor 10.10.10.101 encapsulation mpls

 neighbor 10.10.10.103 encapsulation mpls

!

l2 vfi STP manual

 vpn id 20

 neighbor 10.10.10.103 encapsulation mpls

!

interface FastEthernet4/1

 description VPLS Customer A

 no ip address

 switchport

 switchport access vlan 100

 switchport mode dot1q-tunnel

 l2protocol-tunnel cdp

 no cdp enable

 spanning-tree bpdufilter enable

!

interface FastEthernet4/12

 no ip address

 switchport

 switchport trunk encapsulation dot1q

 switchport trunk native vlan 20

 switchport trunk allowed vlan 20,200

 l2protocol-tunnel stp

 spanning-tree bpdufilter enable

!

interface Vlan20

 no ip address

xconnect vfi STP

!

interface Vlan100

 no ip address

xconnect vfi Cust_A

!

interface Vlan200

 no ip address

 no ip igmp snooping

 xconnect vfi Cust_B

______________________________________________________________________

!PE3

hostname PE3

!

l2 vfi Cust_A manual

 vpn id 100

 neighbor 10.10.10.101 encapsulation mpls

 neighbor 10.10.10.102 encapsulation mpls

!

l2 vfi Cust_B manual

 vpn id 200

 neighbor 10.10.10.101 encapsulation mpls

 neighbor 10.10.10.102 encapsulation mpls

!

l2 vfi STP manual

 vpn id 20

 neighbor 10.10.10.102 encapsulation mpls

!

interface FastEthernet2/1

 description VPLS Customer A

 no ip address

 switchport

 switchport access vlan 100

 switchport mode dot1q-tunnel

 l2protocol-tunnel cdp

 no cdp enable

 spanning-tree bpdufilter enable

!

interface FastEthernet2/2

 description VPLS Customer B

 no ip address

 switchport

 switchport trunk encapsulation dot1q

 switchport trunk allowed vlan 200

 switchport mode trunk

!

interface FastEthernet2/12

 no ip address

 switchport

 switchport trunk encapsulation dot1q

 switchport trunk native vlan 20

 switchport trunk allowed vlan 20,200

 l2protocol-tunnel stp

 spanning-tree bpdufilter enable

!

interface Vlan20

 no ip address

 no ip igmp snooping

 xconnect vfi STP

!

interface Vlan100

 no ip address

 xconnect vfi Cust_A

!

interface Vlan200

 no ip address

 xconnect vfi Cust_B

______________________________________________________________________

!u-PE2

hostname u-PE2

!

ip subnet-zero

!

vtp domain Cust_B

vtp mode transparent

!

spanning-tree mode mst

spanning-tree extend system-id

!

spanning-tree mst configuration

 name instance1

 revision 1

 instance 1 vlan 200

!

interface FastEthernet0/2

 description connected to CE2-B

 switchport trunk encapsulation dot1q

 switchport trunk allowed vlan 200

 switchport mode trunk

 spanning-tree bpdufilter enable

!

interface FastEthernet0/11

 description connected to n-PE3

 switchport trunk encapsulation dot1q

 switchport trunk native vlan 20

 switchport trunk allowed vlan 20,200

 switchport mode trunk

!

interface FastEthernet0/12

 description connected to n-PE2

 switchport trunk encapsulation dot1q

 switchport trunk native vlan 20

 switchport trunk allowed vlan 20,200

 switchport mode trunk

 

CE Configurations for Customers A and B

Refer to Example 12-10 for configurations of Customer A's and B's CE devices.





MPLS Configuration on Cisco IOS Software
MPLS Configuration on Cisco IOS Software
ISBN: 1587051990
EAN: 2147483647
Year: 2006
Pages: 130
Simiral book on Amazon

Flylib.com © 2008-2017.
If you may any questions please contact us: flylib@qtcs.net